#!/bin/sh

# Copyright (C) Internet Systems Consortium, Inc. ("ISC")
#
# SPDX-License-Identifier: MPL-2.0
#
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0.  If a copy of the MPL was not distributed with this
# file, you can obtain one at https://mozilla.org/MPL/2.0/.
#
# See the COPYRIGHT file distributed with this work for additional
# information regarding copyright ownership.
13
# Abort on the first unhandled failure; every check below that is allowed
# to fail is therefore written as a condition (if / && / ||).
set -e

# conf.sh is expected to provide the helpers and tool paths used below
# (echo_i, copy_setports, retry_quiet, $RNDC, $NAMED, $CONTROLPORT).
# shellcheck source=conf.sh
. ../conf.sh

# Extra arguments appended to every named started by run_named().  The
# string is expanded unquoted there so that it splits into separate words.
NAMED_DEFAULT_ARGS="-m record -d 99 -g"

# rndc invocation prefix.  It ends in "-s", so the server address must be
# the next word: $RNDCCMD 10.53.0.2 <command>.  Expanded unquoted on purpose.
RNDCCMD="${RNDC} -c ../_common/rndc.conf -p ${CONTROLPORT} -s"
21
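#######################################
# Stop the named instance recorded in a pid file and remove that file.
# Globals:   pidfile, pid, retries (written; POSIX sh has no locals)
# Arguments: $1 - path to the pid file
# Outputs:   progress/diagnostic lines through echo_i
# Returns:   1 if the pid file is missing/unreadable or the process is
#            still alive 10 seconds after SIGTERM; 0 otherwise (the pid
#            file has then been removed).
#
# The pid file content is validated before it reaches kill(1).  One caller
# in this file runs as root and passes a pid file that lives in a directory
# owned by "nobody", so the value is not under this script's control.
# "0" or a negative number would address a whole process group (or every
# process) instead of one named instance.  Anything that is not a positive
# decimal integer is treated like a stale pid file: nothing is signalled,
# the file is removed and 0 is returned.
#######################################
kill_named() {
  pidfile="${1}"
  if [ ! -r "${pidfile}" ]; then
    return 1
  fi

  pid=$(cat "${pidfile}" 2>/dev/null)
  if [ -n "${pid}" ]; then
    case "${pid}" in
      *[!0-9]*) pid="" ;; # sign, whitespace, extra lines, letters ...
      *[1-9]*) ;;         # digits only and not all zeros: usable
      *) pid="" ;;        # "0", "00", ...: would signal our own group
    esac
    if [ -z "${pid}" ]; then
      echo_i "ignoring invalid pid in ${pidfile}"
    fi
  fi

  if [ -n "${pid}" ]; then
    kill -15 "${pid}" >/dev/null 2>&1
    # Poll once per second, for at most 10 seconds, until the process is gone.
    retries=10
    while [ "$retries" -gt 0 ]; do
      if ! kill -0 "${pid}" >/dev/null 2>&1; then
        break
      fi
      sleep 1
      retries=$((retries - 1))
    done
    # Timed-out
    if [ "$retries" -eq 0 ]; then
      echo_i "failed to kill named ($pidfile)"
      return 1
    fi
  fi
  rm -f "${pidfile}"
  return 0
}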
48
#######################################
# Silent grep wrapper, meant to be polled through retry_quiet.
# Arguments: passed to grep unchanged (pattern, then file(s)); the pattern
#            is a regular expression and a leading "-" would be read as an
#            option.
# Outputs:   nothing; stdout and stderr are discarded
# Returns:   grep's exit status
#######################################
check_named_log() {
  { grep "$@"; } >/dev/null 2>&1
}
52
#######################################
# Start named in the background from a given directory.
# Runs in a subshell, so the cd and the variables below do not leak.
# Globals:   NAMED (read), NAMED_DEFAULT_ARGS (read, word-split on purpose)
# Arguments: $1 - directory to start named in
#            $2 - file, relative to $1 unless absolute, that receives
#                 named's stdout and stderr (appended)
#            remaining arguments are passed to named ahead of the defaults
# Outputs:   the PID of the background process; nothing if cd failed
#######################################
run_named() (
  workdir="$1"
  shift
  runlog="$1"
  shift
  # Leave quietly (status 0, no output) when the directory is unusable;
  # callers detect that through the empty PID.
  cd "$workdir" >/dev/null 2>&1 || exit 0
  # shellcheck disable=SC2086
  "${NAMED}" "$@" ${NAMED_DEFAULT_ARGS} >>"$runlog" 2>&1 &
  echo $!
)
63
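#######################################
# Test whether a process has gone away.
# Arguments: $1 - PID to probe (callers check that it is non-empty first)
# Returns:   0 when the process can no longer be signalled (i.e. it has
#            exited), 1 while it still exists.  Note the inverted sense:
#            this is polled with retry_quiet until the process is gone.
#
# The previous form, return $(! kill -0 ...), only worked because the
# unquoted substitution expanded to nothing and a bare "return" reuses the
# last exit status.  The negation is now the function's last command.
#######################################
check_pid() (
  ! kill -0 "${1}" >/dev/null 2>&1
)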
67
# n numbers the checks for the log output; status accumulates failures.
n=0
status=0

n=$((n + 1))
echo_i "verifying that named started normally ($n)"
ret=0
# The pid file must exist and be non-empty.
if [ ! -s ns2/named.pid ]; then ret=1; fi
# Neither of these start-up errors may appear in the run log.
if grep "unable to listen on any configured interface" ns2/named.run >/dev/null; then ret=1; fi
if grep "another named process" ns2/named.run >/dev/null; then ret=1; fi
[ "$ret" -eq 0 ] || echo_i "failed"
status=$((status + ret))
79
# Reconfiguration refusal checks.  Each stanza installs a configuration
# that points one directory option at './nope', asks the running ns2 to
# reconfigure, and expects rndc to fail with "permission denied" and
# named.run to name the offending option.  The fixed one-second sleep gives
# named time to write the log line before it is searched.

n=$((n + 1))
echo_i "checking that named refuses to reconfigure if working directory is not writable ($n)"
ret=0
copy_setports ns2/named-alt1.conf.in ns2/named.conf
# shellcheck disable=SC2086
if $RNDCCMD 10.53.0.2 reconfig >"rndc.out.$n" 2>&1; then ret=1; fi
if ! grep "failed: permission denied" "rndc.out.$n" >/dev/null 2>&1; then ret=1; fi
sleep 1
# The leading [^-] keeps "managed-keys-directory" and "new-zones-directory"
# messages from satisfying this check.
if ! grep "[^-]directory './nope' is not writable" ns2/named.run >/dev/null 2>&1; then ret=1; fi
[ "$ret" -eq 0 ] || echo_i "failed"
status=$((status + ret))

n=$((n + 1))
echo_i "checking that named refuses to reconfigure if managed-keys-directory is not writable ($n)"
ret=0
copy_setports ns2/named-alt2.conf.in ns2/named.conf
# shellcheck disable=SC2086
if $RNDCCMD 10.53.0.2 reconfig >"rndc.out.$n" 2>&1; then ret=1; fi
if ! grep "failed: permission denied" "rndc.out.$n" >/dev/null 2>&1; then ret=1; fi
sleep 1
if ! grep "managed-keys-directory './nope' is not writable" ns2/named.run >/dev/null 2>&1; then ret=1; fi
[ "$ret" -eq 0 ] || echo_i "failed"
status=$((status + ret))

n=$((n + 1))
echo_i "checking that named refuses to reconfigure if new-zones-directory is not writable ($n)"
ret=0
copy_setports ns2/named-alt3.conf.in ns2/named.conf
# shellcheck disable=SC2086
if $RNDCCMD 10.53.0.2 reconfig >"rndc.out.$n" 2>&1; then ret=1; fi
if ! grep "failed: permission denied" "rndc.out.$n" >/dev/null 2>&1; then ret=1; fi
sleep 1
if ! grep "new-zones-directory './nope' is not writable" ns2/named.run >/dev/null 2>&1; then ret=1; fi
[ "$ret" -eq 0 ] || echo_i "failed"
status=$((status + ret))
112
# After three rejected reconfigurations the original server must still be
# running and must accept a valid configuration again.  This stanza also
# stops that server, so ns2/named.pid is gone when the next checks start
# their own named instances.
n=$((n + 1))
echo_i "checking that named recovers when configuration file is valid again ($n)"
ret=0
copy_setports ns2/named1.conf.in ns2/named.conf
# shellcheck disable=SC2086
if ! $RNDCCMD 10.53.0.2 reconfig >"rndc.out.$n" 2>&1; then ret=1; fi
if [ ! -s ns2/named.pid ]; then ret=1; fi
if ! kill_named ns2/named.pid; then ret=1; fi
[ "$ret" -eq 0 ] || echo_i "failed"
status=$((status + ret))
122
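# Start-up refusal checks.  Each stanza starts a fresh named in ns2 with a
# configuration whose directory option points at './nope' and expects:
#   - run_named printed a PID (the process was launched),
#   - the run log reports "exiting (due to fatal error)" and names the option,
#   - no pid file was left in ns2 (kill_named succeeding means one existed),
#   - the launched process has gone away (check_pid succeeds once it has).
# retry_quiet comes from conf.sh; it is used here as "poll the command, up
# to N attempts" -- confirm against conf.sh.

n=$((n + 1))
echo_i "checking that named refuses to start if working directory is not writable ($n)"
ret=0
testpid=$(run_named ns2 named$n.run -c named-alt1.conf -D runtime-ns2-extra-4)
test -n "$testpid" || ret=1
retry_quiet 10 check_named_log "exiting (due to fatal error)" ns2/named$n.run || ret=1
# The leading [^-] keeps the managed-keys/new-zones variants from matching.
grep "[^-]directory './nope' is not writable" ns2/named$n.run >/dev/null 2>&1 || ret=1
kill_named ns2/named.pid && ret=1
test -n "$testpid" && retry_quiet 10 check_pid "$testpid" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking that named refuses to start if managed-keys-directory is not writable ($n)"
ret=0
testpid=$(run_named ns2 named$n.run -c named-alt2.conf -D runtime-ns2-extra-5)
test -n "$testpid" || ret=1
retry_quiet 10 check_named_log "exiting (due to fatal error)" ns2/named$n.run || ret=1
grep "managed-keys-directory './nope' is not writable" ns2/named$n.run >/dev/null 2>&1 || ret=1
# Look in ns2/ like the sibling stanzas do.  The bare "named.pid" used here
# before was resolved against the test directory rather than ns2, so unlike
# its siblings this stanza was not inspecting ns2 for a leftover pid file.
kill_named ns2/named.pid && ret=1
test -n "$testpid" && retry_quiet 10 check_pid "$testpid" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))

n=$((n + 1))
echo_i "checking that named refuses to start if new-zones-directory is not writable ($n)"
ret=0
testpid=$(run_named ns2 named$n.run -c named-alt3.conf -D runtime-ns2-extra-6)
test -n "$testpid" || ret=1
retry_quiet 10 check_named_log "exiting (due to fatal error)" ns2/named$n.run || ret=1
grep "new-zones-directory './nope' is not writable" ns2/named$n.run >/dev/null 2>&1 || ret=1
kill_named ns2/named.pid && ret=1
test -n "$testpid" && retry_quiet 10 check_pid "$testpid" || ret=1
if [ $ret -ne 0 ]; then echo_i "failed"; fi
status=$((status + ret))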
158
# Command-line logging checks.  named logs the command line it was started
# with ("running as ..."); these stanzas feed it hostile-looking arguments
# through -D and verify what reaches the log.  Escaping matters because the
# log is later read by people and tools: raw control bytes in a log line
# would be interpreted by a terminal displaying it.

n=$((n + 1))
echo_i "checking that named logs control characters in octal notation ($n)"
ret=0
# ctrl-chars is a fixture file; judging by the expected pattern below it
# presumably holds the bytes 0177 (DEL) and 033 (ESC) -- confirm.
INSTANCE_NAME="runtime-ns2-extra-7-$(cat ctrl-chars)"
testpid=$(run_named ns2 "named$n.run" -c named-alt4.conf -D "${INSTANCE_NAME}")
if [ -z "$testpid" ]; then ret=1; fi
if ! retry_quiet 60 check_named_log "running$" "ns2/named$n.run"; then ret=1; fi
# The log must contain the literal text \177\033, not the raw bytes.
if ! grep 'running as.*\\177\\033' "ns2/named$n.run" >/dev/null; then ret=1; fi
if ! kill_named ns2/named.pid; then ret=1; fi
if [ -z "$testpid" ] || ! retry_quiet 10 check_pid "$testpid"; then ret=1; fi
[ "$ret" -eq 0 ] || echo_i "failed"
status=$((status + ret))

n=$((n + 1))
echo_i "checking that named escapes special characters in the logs ($n)"
ret=0
# Single quotes: the trailing "$;" is literal text, not an expansion.
INSTANCE_NAME='runtime-ns2-extra-8-$;'
testpid=$(run_named ns2 "named$n.run" -c named-alt4.conf -D "${INSTANCE_NAME}")
if [ -z "$testpid" ]; then ret=1; fi
if ! retry_quiet 60 check_named_log "running$" "ns2/named$n.run"; then ret=1; fi
# Expect both characters backslash-escaped in the log: \$\;
if ! grep 'running as.*\\$\\;' "ns2/named$n.run" >/dev/null; then ret=1; fi
if ! kill_named ns2/named.pid; then ret=1; fi
if [ -z "$testpid" ] || ! retry_quiet 10 check_pid "$testpid"; then ret=1; fi
[ "$ret" -eq 0 ] || echo_i "failed"
status=$((status + ret))

n=$((n + 1))
echo_i "checking that named logs an ellipsis when the command line is larger than 8k bytes ($n)"
ret=0
LONG_CMD_LINE=$(cat long-cmd-line)
# LONG_CMD_LINE is left unquoted so the fixture splits into separate
# arguments for named.
# shellcheck disable=SC2086
testpid=$(run_named ns2 "named$n.run" $LONG_CMD_LINE -c "named-alt4.conf")
if [ -z "$testpid" ]; then ret=1; fi
if ! retry_quiet 60 check_named_log "running$" "ns2/named$n.run"; then ret=1; fi
# The logged command line must end in "...".
if ! grep "running as.*\.\.\.$" "ns2/named$n.run" >/dev/null; then ret=1; fi
if ! kill_named ns2/named.pid; then ret=1; fi
if [ -z "$testpid" ] || ! retry_quiet 10 check_pid "$testpid"; then ret=1; fi
[ "$ret" -eq 0 ] || echo_i "failed"
status=$((status + ret))
198
# Address-family checks: start named with -4 or -6 and expect the run log
# to report that no primaries of the remaining address family exist.

n=$((n + 1))
echo_i "checking that named log missing IPv4 primaries in -4 mode ($n)"
ret=0
INSTANCE_NAME="missing-primaries-ipv4-only-mode"
testpid=$(run_named ns2 "named$n.run" -c named-alt5.conf -D "${INSTANCE_NAME}" -4)
if [ -z "$testpid" ]; then ret=1; fi
if ! retry_quiet 60 check_named_log "running$" "ns2/named$n.run"; then ret=1; fi
if ! grep "IPv6 disabled and no IPv4 primaries" "ns2/named$n.run" >/dev/null; then ret=1; fi
if ! kill_named ns2/named.pid; then ret=1; fi
if [ -z "$testpid" ] || ! retry_quiet 10 check_pid "$testpid"; then ret=1; fi
[ "$ret" -eq 0 ] || echo_i "failed"
status=$((status + ret))

n=$((n + 1))
echo_i "checking that named log missing IPv6 primaries in -6 mode ($n)"
ret=0
# NOTE(review): this -6 stanza reuses the "ipv4-only" instance label of the
# stanza above; it looks like a copy-paste leftover.  Left unchanged here.
INSTANCE_NAME="missing-primaries-ipv4-only-mode"
testpid=$(run_named ns2 "named$n.run" -c named-alt5.conf -D "${INSTANCE_NAME}" -6)
if [ -z "$testpid" ]; then ret=1; fi
if ! retry_quiet 60 check_named_log "running$" "ns2/named$n.run"; then ret=1; fi
if ! grep "IPv4 disabled and no IPv6 primaries" "ns2/named$n.run" >/dev/null; then ret=1; fi
if ! kill_named ns2/named.pid; then ret=1; fi
if [ -z "$testpid" ] || ! retry_quiet 10 check_pid "$testpid"; then ret=1; fi
[ "$ret" -eq 0 ] || echo_i "failed"
status=$((status + ret))
224
# Privilege-drop check; only meaningful (and only run) as root.  named is
# started with "-u nobody" from a fresh directory that is owned by nobody
# and closed to everyone else (0700).
#
# NOTE(review): nothing in this stanza reads the UID of the running
# process.  As far as this file shows, the checks below (pid file written,
# no "permission denied" while loading the configuration) would also hold
# for a named that never left root -- confirm what named-alt9.conf adds.
#
# NOTE(review): kill_named runs as root here on a pid file that sits in a
# directory owned by the unprivileged account, so the PID it signals is
# whatever that account's process wrote there.
n=$((n + 1))
echo_i "verifying that named switches UID ($n)"
if [ "$(id -u)" -eq 0 ]; then
  ret=0
  # Capture mktemp's status without letting "set -e" abort the script.
  if TEMP_NAMED_DIR=$(mktemp -d "$(pwd)/ns2/tmp.XXXXXXXX"); then
    rc=0
  else
    rc=$?
  fi
  if [ "$rc" -eq 0 ]; then
    copy_setports ns2/named-alt9.conf.in "${TEMP_NAMED_DIR}/named-alt9.conf"
    chown -R nobody: "${TEMP_NAMED_DIR}"
    chmod 0700 "${TEMP_NAMED_DIR}"
    testpid=$(run_named "${TEMP_NAMED_DIR}" "${TEMP_NAMED_DIR}/named$n.run" -u nobody -c named-alt9.conf)
    if [ -z "$testpid" ]; then ret=1; fi
    if ! retry_quiet 60 check_named_log "running$" "${TEMP_NAMED_DIR}/named$n.run"; then ret=1; fi
    if [ ! -s "${TEMP_NAMED_DIR}/named9.pid" ]; then ret=1; fi
    if grep "loading configuration: permission denied" "${TEMP_NAMED_DIR}/named$n.run" >/dev/null; then ret=1; fi
    if ! kill_named "${TEMP_NAMED_DIR}/named9.pid"; then ret=1; fi
    if [ -z "$testpid" ] || ! retry_quiet 10 check_pid "$testpid"; then ret=1; fi
  else
    echo_i "mktemp failed"
    ret=1
  fi
  [ "$ret" -eq 0 ] || echo_i "failed"
  status=$((status + ret))
else
  echo_i "skipped, not running as root"
fi
254
# status is the number of failed checks; any failure fails the whole test.
echo_i "exit status: $status"
if ! [ "$status" -eq 0 ]; then
  exit 1
fi